* Users list: Cleanups
* Policies: Flip registration settings
* Policies: Add RequireUserApproval setting
* Add approval to user
* Require approval on login and for API key
* API handling
* AccountController cleanups
* Test fix
* Apply suggestions from code review
Co-authored-by: Nicolas Dorier <nicolas.dorier@gmail.com>
* Add missing imports
* Communicate login requirements to user on account creation
* Add login requirements to basic auth handler
* Cleanups and test fix
* Encapsulate approval logic in user service and log approval changes
* Send follow up "Account approved" email
Closes #5656.
* Add notification for admins
* Fix creating a user via the admin view
* Update list: Unify flags into status column, add approve action
* Adjust "Resend email" wording
* Incorporate feedback from code review
* Remove duplicate test server policy reset
---------
Co-authored-by: Nicolas Dorier <nicolas.dorier@gmail.com>
* Adapt cookie auth to work with same API permission system
* Handle unscoped store permission case
* Do not consider Unscoped as a valid policy
* Add tests
* Refactor permissions scopes
---------
Co-authored-by: Dennis Reimann <mail@dennisreimann.de>
Co-authored-by: nicolas.dorier <nicolas.dorier@gmail.com>
* Greenfield: Admins can create/delete API keys of any user
* Greenfield: Improve doc for scoped apikey (Close #4673)
* Fix permissions hierarchy
* Update BTCPayServer.Client/Permissions.cs
* Fix tests
---------
Co-authored-by: Andrew Camilleri <evilkukka@gmail.com>
* Editorconfig: Add space_before_self_closing setting
This was a difference between the way dotnet-format and Rider format code. See https://www.jetbrains.com/help/rider/EditorConfig_Index.html
* Editorconfig: Keep 4 spaces indentation for Swagger JSON files
They are all formatted that way, let's keep it like that.
* Apply dotnet-format, mostly white-space related changes
* Plugins: Add authorization hook
Makes the `PolicyRequirement` available to plugins.
Adds a filter hook to the authorization handlers, so that plugins can extend and leverage the existing authorization policies and permissions.
* Update to pass back and forth handle class
* Allow Users to be disabled/enabled
* rebrand to locked for api
* Update BTCPayServer/Views/UIAccount/Lockout.cshtml
Co-authored-by: d11n <mail@dennisreimann.de>
* fix docker compose and an unneeded check in api handler
* fix
* Add enabled user test
Co-authored-by: d11n <mail@dennisreimann.de>
Co-authored-by: Nicolas Dorier <nicolas.dorier@gmail.com>
* Mention the missing API permission in the response header or body
* Fixes + Added a unit test. 1 TODO remains.
* Added MissingPermissionDescription to the error
* Update BTCPayServer.Tests/GreenfieldAPITests.cs
Co-authored-by: Nicolas Dorier <nicolas.dorier@gmail.com>
* Fix tests
* [GreenField]: Make sure we are sending fully typed errors
Co-authored-by: Nicolas Dorier <nicolas.dorier@gmail.com>
* wip
* Local GreenField Client for Plugins
* support notification handlers being missing
* Initial support for scoped btcpay client
* test out scoped local client
* wip
* small fix
* Throw exception if using local greenfield client and it has not been implemented yet
* adapt based on new changes in BTCPay
* update
* fix tests
* Allow Local client to bypass authorization handler
* Add Misc endpoints to Local API Client
* Add new endpoints
* Apply code review changes
* Migrate existing U2F to Fido2
This seamlessly switches all u2f registrations over to the new FIDO2 support. Please note that I have not yet added a way to drop the u2f DB and its UI so that we can test the migration works properly for all.
* add testing logic
* fix u2f tests
* remove duplicate status message
* fix test and namespaces
* fix test
* GreenField: Notifications API
This refactors notifications so that we don't have a bunch of duplicated direct access to db contexts in controllers and then introduces new endpoints to fetch/toggle seen/remove notifications of the current user.
* add tests + docs
* fix test
* pr changes
* fix permission json
This allows plugins to create custom dbcontexts, which would be namespaced in the scheme with a prefix. Migrations are supported too and the table would be prefixed too
This lets the authorize api key screen redirect to the defined url and provide it with the user id, permissions granted and the key.
This also allows apps to match existing api keys generated for it specifically using the application identifier, and if matched, presented with a confirmation page before redirection.
* GreenField: Cross-implementation Lightning Node API
* switch to hard unrestricted check
* fix
* set LightningPrivateRouteHints in swagger + stores api
* add priv route hint
* rename models and add swagger defs to models
* GreenField: Payment Requests CRUD
* fixes
* fix swagger
* fix swag
* rebase fixes
* Add new permissions for payment requests
* Adapt PR to archive
* fix test
* add to contains policy
* make decimals returned as string to avoid shitty language parsing issues
* do not register decimal json converter as global
* fix cultureinfo for json converter
* pr changes
* add json converter test
* fix json test
* fix rebase